Progress Software

A global cyberattack targeting US federal government agencies and companies exploited a vulnerability in MOVEit software, made by Progress Software. The breach, orchestrated by Russian cybercriminals, affected the Department of Energy, including specific entities like Oak Ridge Associated Universities and a contractor for the Department of Energy's Waste Isolation Pilot Plant in New Mexico. While no ransom demands were reported to federal agencies, the potential for significant data loss and disruption is evident. The attackers, belonging to the ransomware gang Clop, threatened to leak sensitive data if ransoms were not paid, posing a significant threat to financial, personal, and national security information. Johns Hopkins University and Georgia's state-wide university system are among the victims, indicating the breach's extensive impact on educational institutions, government entities, and potentially critical infrastructure.

Source: https://www.cnn.com/2023/06/15/politics/us-government-hit-cybeattack/index.html

TPRM report: https://scoringcyber.rankiteo.com/company/progress-software

"id": "pro205050824",
"linkid": "progress-software",
"type": "Breach",
"date": "06/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Energy',
                        'location': 'United States',
                        'name': 'Department of Energy',
                        'type': 'Government Agency'},
                       {'industry': 'Education',
                        'location': 'United States',
                        'name': 'Oak Ridge Associated Universities',
                        'type': 'Educational Institution'},
                       {'industry': 'Energy',
                        'location': 'New Mexico',
                        'name': "Contractor for the Department of Energy's "
                                'Waste Isolation Pilot Plant',
                        'type': 'Government Contractor'},
                       {'industry': 'Education',
                        'location': 'United States',
                        'name': 'Johns Hopkins University',
                        'type': 'Educational Institution'},
                       {'industry': 'Education',
                        'location': 'Georgia',
                        'name': "Georgia's State-Wide University System",
                        'type': 'Educational Institution'}],
 'attack_vector': 'Vulnerability in MOVEit Software',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Sensitive Data',
                                              'Financial Information',
                                              'Personal Information',
                                              'National Security Information']},
 'description': 'A global cyberattack targeting US federal government agencies '
                'and companies exploited a vulnerability in MOVEit software, '
                'made by Progress Software. The breach, orchestrated by '
                'Russian cybercriminals, affected the Department of Energy, '
                'including specific entities like Oak Ridge Associated '
                "Universities and a contractor for the Department of Energy's "
                'Waste Isolation Pilot Plant in New Mexico. While no ransom '
                'demands were reported to federal agencies, the potential for '
                'significant data loss and disruption is evident. The '
                'attackers, belonging to the ransomware gang Clop, threatened '
                'to leak sensitive data if ransoms were not paid, posing a '
                'significant threat to financial, personal, and national '
                "security information. Johns Hopkins University and Georgia's "
                'state-wide university system are among the victims, '
                "indicating the breach's extensive impact on educational "
                'institutions, government entities, and potentially critical '
                'infrastructure.',
 'impact': {'data_compromised': ['Sensitive Data',
                                 'Financial Information',
                                 'Personal Information',
                                 'National Security Information'],
            'systems_affected': ['MOVEit Software']},
 'initial_access_broker': {'entry_point': 'MOVEit Software Vulnerability',
                           'high_value_targets': ['Department of Energy',
                                                  'Educational Institutions']},
 'motivation': 'Financial Gain, Data Theft',
 'post_incident_analysis': {'root_causes': 'Vulnerability in MOVEit Software'},
 'ransomware': {'data_exfiltration': 'Yes',
                'ransom_demanded': 'Yes',
                'ransomware_strain': 'Clop'},
 'threat_actor': 'Clop Ransomware Gang',
 'title': 'Global Cyberattack on US Federal Agencies and Companies via MOVEit '
          'Software',
 'type': 'Ransomware Attack',
 'vulnerability_exploited': 'MOVEit Software Vulnerability'}